skills/akillness/oh-my-gods/genkit/Gen Agent Trust Hub

genkit

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the Genkit CLI installation script from the official domain cli.genkit.dev via a piped shell command.
  • [COMMAND_EXECUTION]: Provides standard instructions for installing and running Node.js development tools, including genkit-cli, tsx, and various Genkit model/vectorstore plugins.
  • [PROMPT_INJECTION]: The skill documents the creation of AI flows that ingest and process external user-provided data.
      • Ingestion points: Found in summarizeFlow, agentFlow, and ragFlow where untrusted text is interpolated into LLM prompts.
      • Boundary markers: Present in ragFlow and chatFlow examples using system instructions to ground model responses in context.
      • Capability inventory: Utilizes ai.generate for text generation and ai.defineTool for executing functional logic.
      • Sanitization: Uses Zod schemas for strict input/output structure validation, although natural language content sanitization is the responsibility of the implementer.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 11, 2026, 01:49 PM